router: account and authentication endpoints

[ChurchOfTheSubgenius]

To start working towards meeting API parity with the golang server, we should start out by implementing the account and authentication API endpoints. Please refer to the account table in issue #43.

[avdb13]

Account routes should probably pay attention to matrix-org/matrix-spec-proposals#2828 so that future compatibility with Conduit (which I'm pretty sure already performs username validity checks) isn't broken.

On the other hand, I wonder whether the password reset route should only require the old password. The API just falls back on UIAA which requires a user identifier but /whoami can translate the access token to a username whenever necessary.
Refer: https://docs.ruma.io/ruma_client_api/uiaa/enum.UserIdentifier.html

[erlend-sh]

Future compatibility with Conduit is a non-concern at this stage. We build to be compatible with Synapse first, and make changes in the future if necessary for compatibility with Conduit.

Trying to preempt future requirements now will require much more time and work as opposed to being adaptable to changing requirements as they become practical reality.

avdb13 said:

Sorry for the confusion here, this is not Conduit-specific but Conduit is already adhering to this MSC as it's still working towards a stable release.
The check can eventually be removed in the future and is adding little overhead, since user IDs are such a core concept this does seem like part of Commune's concern.

👌

[ChurchOfTheSubgenius]

For now, let's do what the golang code does. Once the API parity list on #43 reaches fully green, then we can think of enhancements and optimizations.

[avdb13]

#51 dealed with the account endpoints.

[avdb13]

Closed in favor of #53.

Will update the OP eventually to reflect the new location of the endpoints.